What is GHSA-jgf8-gg7j-fq24?

GHSA-jgf8-gg7j-fq24 is a security advisory published by GitHub Security Advisories with High severity. UBB.threads is vulnerable to Path traversal, allowing attackers with privilege to edit templates...

Which CVE IDs does GHSA-jgf8-gg7j-fq24 cover?

GHSA-jgf8-gg7j-fq24 covers the following CVE IDs: CVE-2026-54223. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-jgf8-gg7j-fq24High

UBB.threads is vulnerable to Path traversal, allowing attackers with privilege to edit templates...

Vendor

GitHub Security Advisories

Published

June 18, 2026

Last Modified

June 18, 2026

🔗 CVE IDs covered (1)

CVE-2026-54223 →

📋 Description

UBB.threads is vulnerable to Path traversal, allowing attackers with privilege to edit templates to read and write any file on the application’s server that application has privileges to, what results in Remote Code Execution. Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 7.7.5 but may also affect other versions.

🔗 References (4)

https://nvd.nist.gov/vuln/detail/CVE-2026-54223
https://cert.pl/en/posts/2026/06/CVE-2026-54219
https://www.ubbcentral.com
https://github.com/advisories/GHSA-jgf8-gg7j-fq24